Vulnerabilities > Cisco > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-02-07 CVE-2013-1202 Unspecified vulnerability in Cisco ACE Application Control Engine Module A2 3.6/3.6A
Cisco ACE A2(3.6) allows log retention DoS.
network
low complexity
cisco
5.0
5.0
2020-02-06 CVE-2013-3568 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Linksys Wrt110 Firmware
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
network
cisco CWE-352
6.8
6.8
2020-02-06 CVE-2013-2684 Cross-site Scripting vulnerability in Cisco Linksys E4200 Firmware 1.0.05
Cross-site Scripting (XSS) in Cisco Linksys E4200 1.0.05 Build 7 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
cisco CWE-79
4.3
4.3
2020-02-06 CVE-2013-2683 Information Exposure vulnerability in Cisco Linksys E4200 Firmware 1.0.05
Cisco Linksys E4200 1.0.05 Build 7 devices contain an Information Disclosure Vulnerability which allows remote attackers to obtain private IP addresses and other sensitive information.
network
low complexity
cisco CWE-200
5.0
5.0
2020-02-05 CVE-2013-2682 Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Linksys E4200 Firmware 1.0.05
Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information.
network
cisco CWE-1021
4.3
4.3
2020-02-05 CVE-2013-2681 Improper Authentication vulnerability in Cisco Linksys E4200 Firmware 1.0.05
Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow remote attackers to gain unauthorized access.
network
cisco CWE-287
4.3
4.3
2020-02-05 CVE-2013-2680 Cleartext Storage of Sensitive Information vulnerability in Cisco Linksys E4200 Firmware 1.0.05
Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information.
network
low complexity
cisco CWE-312
5.0
5.0
2020-02-05 CVE-2020-3120 Integer Overflow or Wraparound vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.
low complexity
cisco CWE-190
6.5
6.5
2020-02-04 CVE-2013-2678 Injection vulnerability in Cisco Linksys E4200 Firmware 1.0.05
Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter.
network
cisco CWE-74
6.8
6.8
2020-01-26 CVE-2020-3142 Missing Authentication for Critical Function vulnerability in Cisco Webex Meetings Online
A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password.
network
low complexity
cisco CWE-306
5.0
5.0